Apache Camel CVE-2018-8041 Directory Traversal Vulnerability
BID:105352
CVE-2018-8041 |Info
Apache Camel CVE-2018-8041 Directory Traversal Vulnerability
| Bugtraq ID: | 105352 |
| Class: | Input Validation Error |
| CVE: |
CVE-2018-8041 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 17 2018 12:00AM |
| Updated: | Sep 17 2018 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Apache Camel 2.22 Apache Camel 2.21.1 Apache Camel 2.21 Apache Camel 2.20.3 Apache Camel 2.20.1 Apache Camel 2.20 |
| Not Vulnerable: |
Apache Camel 2.22.1 Apache Camel 2.21.2 Apache Camel 2.20.4 |
Discussion
Apache Camel CVE-2018-8041 Directory Traversal Vulnerability
Apache Camel is prone to a directory-traversal vulnerability.
A remote attacker could exploit the vulnerability using directory-traversal characters ('../') to access arbitrary files that contain sensitive information.
Apache Camel 2.20.0 through 2.20.3, Camel 2.21.0 through 2.21.1 and Camel 2.22.0 are vulnerable.
Apache Camel is prone to a directory-traversal vulnerability.
A remote attacker could exploit the vulnerability using directory-traversal characters ('../') to access arbitrary files that contain sensitive information.
Apache Camel 2.20.0 through 2.20.3, Camel 2.21.0 through 2.21.1 and Camel 2.22.0 are vulnerable.
Exploit / POC
Apache Camel CVE-2018-8041 Directory Traversal Vulnerability
An attacker can exploit this issue using a web browser.
An attacker can exploit this issue using a web browser.
References
Apache Camel CVE-2018-8041 Directory Traversal Vulnerability
References:
References:
- Apache Homepage (Apache)
- CVE-2018-8041: Apache Camel's Mail is vulnerable to path traversal (Apache Software Foundation)